Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-1260

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2005-1260
Last Modified 07 Mar 2011 09:21:32
Published 19 May 2005 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2005-1260

Summary

bzip2 allows remote attackers to cause a denial of service (hard drive consumption) via a crafted bzip2 file that causes an infinite loop (a.k.a "decompression bomb").

Vulnerable Systems

Operating System

  • Ubuntu Linux 4.10

  • Ubuntu Linux 5.04

Application

  • Bzip2


References

CERT - TA07-319A

VUPEN - ADV-2007-3868

VUPEN - ADV-2007-3525

UBUNTU - USN-127-1

BID - 26444

BID - 13657

REDHAT - RHSA-2005:474

FEDORA - FLSA:158801

DEBIAN - DSA-741

SUNALERT - 200191

SUNALERT - 103118

SECUNIA - 27643

SECUNIA - 27274

SECUNIA - 19183

SECUNIA - 15447

APPLE - APPLE-SA-2007-11-14

CONFIRM - http://docs.info.apple.com/article.html?artnum=307041

SGI - 20060301-01-U

Related Patches

Apple 2007-11-14 Mac OS X 10.4.11 Update (PPC)

Apple 2007-11-14 Mac OS X 10.4.11 Combo Update (PPC)

Apple 2007-11-14 Mac OS X Server 10.4.11 Combo Update (PPC)

Apple 2007-11-14 Mac OS X Server 10.4.11 Update (PPC)


Last Updated: 27 May 2016 10:40:06